Week 04

The Drupal content management system powers major websites around the world. On Wednesday, a critical security patch was released for it. It fixes a remote code execution vulnerability that allows hackers to compromise multiple systems of Drupal. The problem was discovered by an employee of a Drupal security auditing firm. The bug has been named Drupalgeddon2. It first came to be known in 2014. Even an election security center has been affected and attacked through this vulnerability.

Cyber-attacks are continuously increasing. These attacks need to be thwarted. Through the vulnerability, an attacker can easily reach the page and modify or even delete the data. This is a major security breach released by Drupal. It is fortunate that no major attack has happened so far through this vulnerability, but there is every chance of such a thing happening in the future. The message from the developers is to patch everything. There is a need to protect crucial data from attackers and hackers. These crimes are increasing day by day, so there is a need to be cautious from the outset. These kinds of vulnerabilities need to be removed.

Security researchers have uncovered a new hacking group that is aggressively targeting healthcare organizations and related sectors across the globe to conduct corporate espionage.

Dubbed “Orangeworm,” the hacking group has been found installing a wormable trojan on machines hosting software used for controlling high-tech imaging devices, such as X-Ray and MRI machines, as well as machines used to assist patients in completing consent forms.

According to a new report published by Symantec on Monday, the Orangeworm hacking group has been active since early 2015 and targeting systems of major international corporations based in the United States, Europe, and Asia with a primary focus on the healthcare sector.

This report covers Lighthouse AI, a startup hoping to install facial and voice recognition devices in homes. The program is similar to the access software in cellphones, but can do much more. You can set up multi-factor to include voice.

The technology uses 3D sensors to identify, not only human faces, but pets as well.

How about your door opens automatically as you approach it… Until someone “Steals your face right off your head”. He’s gone. RIP Jerry.

This is an interesting opinion article about the CEO of FireEye, which is a cybersecurity company that makes a bunch of tools for security professionals. He said that if we go into a cyber war with Russia, with all their cyber resources vs. ours, they would win. Which is really scary to think about. It means that security needs to start being of higher importance.

iOS's new feature, which claimed to protect data, is not safe. A serious Siri bug can easily get at data even if the phone is locked. The phone does not need to be unlocked; the bug gets straight to your hidden messages. This new bug was discovered by Mac Magazine, which revealed that you can easily ask Siri to retrieve information from a locked phone. Only Apple's messages are not affected. All messages from third-party apps are exposed to Siri.

Apple said it was aware of the issue and was working to fix the bug. It said the new software update will not have such a breach. But a timeline for the new update has not been provided. Until the new software comes, all users are prone to data-stealing through Siri. All they can do is disable the lock screen or disable Siri when the phone is locked. Every company is vulnerable to data breaches. Until the software comes, there will be a risk in putting information on the phone due to this vulnerability. Hopefully, users will be lucky.

A hacker identified only as B told Sky News of a bug that let him take the data of lakhs of TalkTalk users. It included very sensitive information such as bank account details and other personal information. TalkTalk said it knew of the vulnerability but did not remove it, as it thought it was not something to be worried about. After the Sky News report, TalkTalk removed the vulnerability, but much of the data had already been stolen.

It was very easy for the hacker. He simply sent out phishing emails. As soon as a user clicked on the link, he or she was directed to a site reportedly identical to TalkTalk's. Users then continued to use that site for quite a long period of time and filled in all their passwords and personal information. This led to major data breaches. It put the millions of users of TalkTalk at risk. Even in 2015, hackers stole the data of 157,000 users of TalkTalk. The company was also slapped with a big fine in 2016 for major security breaches. That time it lost 1 lakh customers in the wake of the security breach.

According to Gartner, cyber-attacks will cost the corporate world around $8 trillion, so to protect themselves from these attacks, companies are ready to hire people who will prevent criminal data breaches. But there is a shortage of talent. There is heavy demand for people who can prevent cyber-attacks. Many companies are turning to another kind of hacker: the white hat. The companies are afraid of blackmail and other sorts of criminal activity by cyber attackers. Many big bug bounty programs will be run by companies to prevent mishaps from any cyber-attack.

These jobs are going to increase in the future because of the growing number of such incidents. There will be a need for protection and new technology. There will be a need for real-time monitoring stations to prevent these attacks. According to Gartner, criminal data breaches will cost $120 billion by 2021. So there is an urgent need to have some protection from the outset. There needs to be 24/7 monitoring throughout the year. Facebook recently started its Bug Bounty Program. Many more companies are in the race and will soon develop their own protection mechanisms. Even public entities are not safe from these attacks, so they also need to pay attention.

The Pyeongchang Winter Olympics (in South Korea) were disrupted by a malware attack before and during the opening ceremony. The cyber-attack involved 12 hours of downtime on the official website, the collapse of WiFi in the Olympic stadium, and the failure of televisions and Internet at the main press center.

Various cybersecurity companies reported that it was a wiper malware attack that had spread through the Winter Games official network using stolen credentials. Wiper malware focuses on taking down networks and systems and wiping the data. Experts have mentioned the hacker potentially being located in North Korea, China or Russia. Based on the Cisco Talos analysis, the attacker had intimate knowledge of the Winter Games' network system and knew technical details of the infrastructure such as username, domain name, server name, and password. It has also been considered that the Olympics' infrastructure was already compromised before the attack, making it possible to allow exfiltration of the used credentials.